<?php

namespace Admin\Controller;

use Think\Controller;

/**
 * 公共操作
 */
class PublicController extends Controller
{
    /**
     * 后台登录
     */
    public function login()
    {
        $soft_info = array(
            'comm_short'   => C('SYS_COMM_SHORT'),
            'current_year' => C('SYS_CURRENT_YEAR'),
            'comm_name'    => C('SYS_COMM')
        );
        $this->assign('soft_info', $soft_info)
             ->display();
    }

    /**
     * 登录处理
     */
    public function doLogin()
    {
        $account = I('account');
        $password = cryptString(I('password'));
        $remember = I('remember');

        if (empty($account) || empty($password)) {
            $output['code'] = 1;
            $output['message'] = '用户名或密码不能为空';
            $this->ajaxReturn($output, 'json');
        }
        
        $input = array(
            'account' => $account,
            'password' => $password
        );

        $model = M('user');
        $list = $model->where($input)->find();
        if (!$list) {
            $output['code'] = 2;
            $output['message'] = '用户名或密码错误';
            $this->ajaxReturn($output, 'json');
        }
        if ($list['status'] === '2') {
            $output['code'] = 7;
            $output['message'] = '该用户被已冻结，请联系管理员';
            $this->ajaxReturn($output, 'json');
        }
        // 登录操作记录
        $data = array();
        $data['last_login']  = NOW_TIME;
//        $data['login_ip']    = $_SERVER['REMOTE_ADDR'];
        $data['login_ip']    = get_client_ip();
        $data['login_times'] = intval($list['login_times']) + 1;

//        session(C('USER_AUTH_KEY'), $list['id']);

        // 如果是超级管理员。则无需验证
//        if ($list['username'] == C('RBAC_SUPERADMIN')) {
//            session(C('ADMIN_AUTH_KEY'), $list['username']);
//        } else {
//            \Org\Util\Rbac::saveAccessList($data['id']);
//        }

        $res = $model->where(array('account' => $account))->save($data);
        if ($res) {
            if (isset($remember) && $remember == 1) {
                $this->rememberPwd($list['id'], $account, $password, $list['username']);
            }
            $_SESSION['adminInfo'] = $list;
            $output['code'] = 8;
            $output['message'] = '登录成功';
            $this->ajaxReturn($output, 'json');
        } else {
            $output['code'] = 7;
            $output['message'] = '登录失败';
            $this->ajaxReturn($output, 'json');
        }
    }

    /**
     * 记住密码
     *
     * @param $id
     * @param $account
     * @param $password
     * @param $username
     */
    protected function rememberPwd($id, $account, $password, $username)
    {
        setcookie('id', $id, time() + C('AUTO_LOGIN_TIME'), '/');
        setcookie('account',  $account, time() + C('AUTO_LOGIN_TIME'), '/');
        setcookie('password',  $password, time() + C('AUTO_LOGIN_TIME'), '/');
        setcookie('username', $username, time() + C('AUTO_LOGIN_TIME'), '/');
    }

    /**
     * 退出
     */
    public function logout()
    {
        if(isset($_SESSION['adminInfo'])) {
            unset($_SESSION['adminInfo']);
            session_destroy();
        }

        if (isset($_COOKIE['account']) && isset($_COOKIE['password'])) {
            setcookie('account', '', time()-1, '/');
            setcookie('password', '', time()-1, '/');
            setcookie('username', '', time()-1, '/');
        }
        $this->redirect('/Public/login');
    }
}